Rapid7 Blog

Log Annotations - It's Nice to Share

POST STATS:

SHARE

I’m not saying the Dalai Lama was directly referring to our new annotations feature, but I’m pretty sure that if he needed a Log Management tool ours would tick a lot of his boxes (mind you being Head of Products I’m probably a bit biased).

Information is one of the most important assets any company has and the ability to easily share information with the right people at the right time is key to helping a business grow and thrive. This is never truer than in the IT industry where often the important pieces of information required to solve a problem or issue are hidden in code or in someone else’s head. This leads to higher costs due to increased man hours required in identifying and creating a route to a resolution.

With this in mind we are rolling out Log Annotations to provide a simple method of sharing and organizing information related to specific log events and activity. Log Annotations enable you to add notes and commentary to Tags, assign the Tag to yourself or other members of your team, and specify a workflow flag on the Tags to enable tracking of open issues.

This enables you and your teams to persist the most important pieces of information that are required in relation to events in your logs be it for now or in the future. It also gives you the power to manage the workflow of tasks, assign them to individuals, mark the progress of the issue and persist all this data beyond the life of the log events. So should the issue ever arise again in the future the information captured initially will be instantly highlighted and made available to the individual investigating the issue.

We have tried to take a very simple concept and build an easy-to-use tool that adds value to your logs and the associated Tags and real-time Alerts. On any Tag you have within Logentries you can simply add notes as an Annotation (btw, these cannot be deleted to prevent team members changing the history); you can assign the log event, performance issue, specific question, to a team member and set a status — all of which automatically creates trackable notes that the full team has access to. But what makes this really powerful is the fact that these annotations are live on beyond the retention period of your logs, so if the same events and problematic issues appear again, you have a record within the Log Annotation of the information, expertise, and resolution that was used to fix the issue initially (e.g. original employee has left the company).

Log Annotations can be used for anything and not just issue tracking. An example might be to use them for keeping track of important business information associated with sales or marketing.

Example: You might be logging your sales events and calculating your average sale value on a week-by-week basis. You could store this information in the Annotation so that could see historically product information and quickly make comparisons to the current value.

Put simply, the concept behind our new Annotations is a team-based tool that allows the sharing and storing of information linked to events within your logs.